aboutsummaryrefslogtreecommitdiff
path: root/research/security.md
diff options
context:
space:
mode:
Diffstat (limited to 'research/security.md')
-rw-r--r--research/security.md33
1 files changed, 33 insertions, 0 deletions
diff --git a/research/security.md b/research/security.md
new file mode 100644
index 0000000..38e32ce
--- /dev/null
+++ b/research/security.md
@@ -0,0 +1,33 @@
+[[!meta title="Security"]]
+
+Research and development in security:
+
+* [Creepy - Geolocation OSINT Tool](http://www.geocreepy.com/) ([package](https://packages.debian.org/wheezy/creepy)).
+* [Qubes OS](https://www.qubes-os.org/):
+ * [Qubes - Debian Wiki](https://wiki.debian.org/Qubes).
+ * [i3 | Qubes OS](https://www.qubes-os.org/doc/i3/).
+ * [Qubes OS 3.2 [LWN.net]](https://lwn.net/Articles/705827/).
+* bitmask and LEAP.
+* port knocking.
+* hardened systems: apparmor, gradm2, firejail, seccomp, etc.
+* sshd:
+ * https://stribika.github.io/2015/01/04/secure-secure-shell.html
+ * https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774711#60
+ * http://security.stackexchange.com/questions/64562/how-should-i-defend-against-zero-day-attack-on-ssh
+ * https://charlieharvey.org.uk/page/ssh_port_pros_and_cons
+* fuzzy testing: fusil, etc.
+* router: serial console to other boxes with dhe luks! :)
+* [Mailcap, HTML and AppArmor](http://www.justgohome.co.uk/blog/2014/02/mailcap-html-apparmor.html).
+* Increased security on smtp/imaps password storage:
+ * https://github.com/sup-heliotrope/sup/wiki/Securely-Store-Password
+ * http://serverfault.com/questions/149452/how-can-i-use-fetchmail-or-another-email-grabber-with-osx-keychain-for-authent
+ * http://mah.everybody.org/docs/mail/fetchmail_check
+* Enhanced shell:
+ * Add a counter-measure to prevent SSH timing attacks:
+ http://users.ece.cmu.edu/~dawnsong/papers/ssh-timing.pdf
+ http://www.slideshare.net/idsecconf/countermeasure-against-timing-attack-on-ssh-using-random-delay
+ http://www.scribd.com/doc/59628153/Timing-Analysis-of-Keystrokes-and-Timing-Attacks-on-SSH-Revisited
+* https://shodan.io
+* https://censys.io
+* https://keybase.io
+* https://github.com/shadowsocks/shadowsocks-go
generated by cgit v1.2.3 (git 2.39.1) at 2024-04-26 20:21:30 +0000